third_party/WebKit/Source/core/frame/csp/CSPDirectiveListTest.cpp - Issue 2562953002: Part 5.2: Is policy list subsumed under subsuming policy?

Unified Diff: third_party/WebKit/Source/core/frame/csp/CSPDirectiveListTest.cpp

Issue 2562953002: Part 5.2: Is policy list subsumed under subsuming policy? (Closed)

Patch Set: Removing trace from MediaListDirective Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp ('K') | « third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp ('k') | third_party/WebKit/Source/core/frame/csp/MediaListDirective.h » ('j') | third_party/WebKit/Source/core/frame/csp/MediaListDirectiveTest.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/Source/core/frame/csp/CSPDirectiveListTest.cpp

diff --git a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveListTest.cpp b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveListTest.cpp

index b0ba8da08e31865a11c592bf7483c4ec40348687..d984f7e2e1fc0c81568472886f896a4c483e468a 100644

--- a/third_party/WebKit/Source/core/frame/csp/CSPDirectiveListTest.cpp

+++ b/third_party/WebKit/Source/core/frame/csp/CSPDirectiveListTest.cpp

@@ -621,6 +621,62 @@ TEST_F(CSPDirectiveListTest, SubsumesIfNoneIsPresent) {

}

+TEST_F(CSPDirectiveListTest, SubsumesPluginTypes) {

+ struct TestCase {

+ const char* policyA;

+ const std::vector<const char*> policiesB;

+ bool expected;

+ } cases[] = {

+ // `policyA` subsumes `policiesB`.

+ {"script-src 'unsafe-inline'",

+ {"script-src ", "script-src http://example.com",

+ "plugin-types text/plain"},

+ true},

+ {"script-src http://example.com",

+ {"script-src http://example.com; plugin-types "},

+ true},

+ {"script-src http://example.com",

+ {"script-src http://example.com; plugin-types text/plain"},

+ true},

+ {"script-src http://example.com; plugin-types text/plain",

+ {"script-src http://example.com; plugin-types text/plain"},

+ true},

+ {"script-src http://example.com; plugin-types text/plain",

+ {"script-src http://example.com; plugin-types "},

+ true},

+ {"script-src http://example.com; plugin-types text/plain",

+ {"script-src http://example.com; plugin-types ", "plugin-types "},

+ true},

+ // `policyA` does not subsume `policiesB`.

+ {"script-src http://example.com; plugin-types text/plain",

+ {"script-src http://example.com"},

+ false},

+ {"plugin-types random-value",

+ {"script-src 'unsafe-inline'", "plugin-types text/plain"},

+ false},

+ {"plugin-types random-value",

+ {"script-src http://example.com", "script-srcs http://example.com"},

Mike West 2016/12/13 13:54:47 Is `script-srcs` intentional?

+ false},

+ {"plugin-types random-value",

+ {"plugin-types text/plain", "plugin-types text/plain"},

+ false},

+ {"script-src http://example.com; plugin-types text/plain",

+ {"plugin-types ", "plugin-types "},

+ false},

+ };

+ for (const auto& test : cases) {

+ CSPDirectiveList* A =

+ createList(test.policyA, ContentSecurityPolicyHeaderTypeEnforce);

+ HeapVector<Member<CSPDirectiveList>> listB;

+ for (const auto& policyB : test.policiesB)

+ listB.append(createList(policyB, ContentSecurityPolicyHeaderTypeEnforce));

+ EXPECT_EQ(test.expected, A->subsumes(listB));

+ }

TEST_F(CSPDirectiveListTest, OperativeDirectiveGivenType) {

enum DefaultBehaviour { Default, NoDefault, ChildAndDefault };